FeedVulnerabilityNew cPanel and WHM Flaws Enable Code Execution, DoS Attacks...
VulnerabilityCyber Security News
8.8CRITICAL

New cPanel and WHM Flaws Enable Code Execution, DoS Attacks

📅 10 May 2026 at 05:25 UTC📰 Cyber Security NewsView original source ↗

cPanel has disclosed three critical security vulnerabilities tracked as CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203 affecting its widely deployed cPanel & WHM web hosting control panel and WP Squared (WP2) platform. The flaws, patched on May 8, 2026, expose servers to arbitrary file reads, Perl code injection, and denial-of-service (DoS) attacks, making immediate patching essential for hosting […] The post New cPanel and WHM Flaws Enable Code Execution, DoS Attacks appeared first on Cyber Security News.

🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview

cPanel and WHM web hosting control panel and WP Squared (WP2) platform are vulnerable to arbitrary file reads, Perl code injection, and denial-of-service (DoS) attacks due to three critical security vulnerabilities.

⚙️Technical Details
CVEs
CVE-2026-29201CVE-2026-29202CVE-2026-29203Affected Systems: cPanel and WHM web hosting control panel and WP Squared (WP2) platform
Affected Systems
cPanel and WHM web hosting control panel and WP Squared (WP2) platform
Attack Vectors
NETWORK
💥Impact Assessment
Severity: Critical
Who Is at Risk
Server administrators of cPanel and WHM web hosting control panel and WP Squared (WP2) platforms
🛡️Recommended Actions
1Immediately apply the patches for CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203 to prevent arbitrary file reads, Perl code injection, and denial-of-service (DoS) attacks.
2Monitor server logs for suspicious activity and implement additional security measures to detect and respond to potential attacks.
3Restrict access to the cPanel and WHM web hosting control panel and WP Squared (WP2) platform to authorized personnel only.
📦Affected Products
cPanel, WHM, and WP Squared (WP2)
🔐NVD Verified DataVERIFIED
CVE-2026-29201CVSS 8.6HIGH
Attack Vector
NETWORK
Complexity
LOW
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Weaknesses
CWE-23
CVE-2026-29202CVSS 8.8HIGH
Attack Vector
NETWORK
Complexity
LOW
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weaknesses
CWE-94
CVE-2026-29203CVSS 8.8HIGH
Attack Vector
NETWORK
Complexity
LOW
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weaknesses
CWE-61

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News
← Back to feed